Hi,
I want to enable WMS for a secure services published to a federated ArcGIS Server (10.7.1). We're using IWA for our Enterprise.
The WMS works fine if parent map service and the WMS layer is shared with "everyone", but when sharing only to my organization or a portal group, then I'm unable to view the WMS.
I also get the error https://pro.arcgis.com/en/pro-app/latest/help/sharing/analyzer-error-messages/00297-layers-must-be-s... which states that it must be shared with everyone. Is this the case, must WMS services be shared with everyone?
Solved! Go to Solution.
Hello @EinarD
This is expected behavior, OGC services do not support OAuth2 (used por ArcGIS Enterprise authentication), so they must be shared public.
https://support.esri.com/en/bugs/nimbus/QlVHLTAwMDA5NTkzOQ==
There are also some other limitations related to OGC services.
https://gis.fema.gov/arcgis/help/en/portal/latest/use/ogc.htm#
The alternatives are:
- If its a federated environment, publish the layers as public (you could disable the service directory of ArcGIS Server).
- Use an ArcGIS GIS Server stand-alone (without federation) and web-tier authentication, publish, and secure the service.
Regards.
Did you see this: https://enterprise.arcgis.com/en/server/latest/publish-services/windows/wms-services.htm#GUID-BB6D94... ?
Thanks George, and yes, I've read this, but based on that I would expect my setup to work, since I'm using IWA and have same security settings for the parent map service as the WMS. I do wonder if it is different for Stand Alone servers as opposed to Federated ones.
I do see this in the devtools in the browser, strange since Portal and my federated server should trust each other:
Access to XMLHttpRequest at 'https://federatedserver.domain.com/arcgis/services/test/MyMapService/MapServer/WMSServer?SERVICE=WMS...' from origin 'https://Portal.domain.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Hello @EinarD
This is expected behavior, OGC services do not support OAuth2 (used por ArcGIS Enterprise authentication), so they must be shared public.
https://support.esri.com/en/bugs/nimbus/QlVHLTAwMDA5NTkzOQ==
There are also some other limitations related to OGC services.
https://gis.fema.gov/arcgis/help/en/portal/latest/use/ogc.htm#
The alternatives are:
- If its a federated environment, publish the layers as public (you could disable the service directory of ArcGIS Server).
- Use an ArcGIS GIS Server stand-alone (without federation) and web-tier authentication, publish, and secure the service.
Regards.